cyber Cyber Attack

AT&T

Nov 13, 2022 1 min read
AT&T

A cybersecurity firm intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans.

It corresponds to current and former customers of AT&T.

It intercepted a 1.6 gigabyte compressed file on a popular dark web file-sharing site.

The largest item in the archive is a 3.6 gigabyte file called “dbfull,” and it contains 28.5 million records, including 22.8 million unique email addresses and 23 million unique SSNs.

There are no passwords in the database.

AT&T Internet is offered in 21 states and nearly all of the records in the database that contain a state designation corresponded to those 21 states; all other states made up just 1.64 percent of the records.

The vast majority of records in this database belong to consumers, but almost 13,000 of the entries are for corporate entities.

Source: https://krebsonsecurity.com/2022/08/it-might-be-our-data-but-its-not-our-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/att

"id": "att2145281022",
"linkid": "att",
"type": "Cyber Attack",
"date": "08/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'customers_affected': '23 million',
                        'industry': 'Telecommunications',
                        'location': ['21 states in the US'],
                        'name': 'AT&T',
                        'type': 'Telecommunications Company'}],
 'attack_vector': 'Dark Web File-Sharing Site',
 'data_breach': {'data_exfiltration': 'Yes',
                 'file_types_exposed': ['dbfull'],
                 'number_of_records_exposed': '28.5 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'addresses',
                                              'email addresses',
                                              'phone numbers',
                                              'Social Security Numbers',
                                              'dates of birth']},
 'description': 'A cybersecurity firm intercepted a large, unique stolen data '
                'set containing the names, addresses, email addresses, phone '
                'numbers, Social Security Numbers and dates of birth on nearly '
                '23 million Americans corresponding to current and former '
                'customers of AT&T.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'email addresses',
                                 'phone numbers',
                                 'Social Security Numbers',
                                 'dates of birth']},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
                           'entry_point': 'Dark Web File-Sharing Site'},
 'title': 'Data Breach of AT&T Customer Information',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.